
Should I protect the link to my public GnuPG key against email crawlers?


I guess my email address is somehow encoded in the exported public GnuPG key (please tell me if I'm wrong here).

If I want to upload my public GnuPG key on my homepage, should I obfuscate the link to this GnuPG key (for example, with some JavaScript code)?

Because normal obfuscation wants to make it expensive (in computation time) for a bot to extract the obfuscated information from a website, my main question is: How expensive (in computer time) would it be to extract the email from the public GnuPG-Key? Would an email crawler do this?

PS: In this thread I don't want to discuss the question whether it is necessary to spend time on email address obfuscation or not. Please imagine, for this post, that email address protection against crawlers is important.


Solution

  • You are right about the email being part of your GnuPG public key. From the manual:

    A public key consists of the public portion of the master signing key, the public portions of the subordinate signing and encryption subkeys, and a set of user IDs used to associate the public key with a real person. Each piece has data about itself. For a key, this data includes its ID, when it was created, when it will expire, etc. For a user ID, this data includes the name of the real person it identifies, an optional comment, and an email address.

    It is not particularly expensive to harvest this data from published keys, and yes, some email crawlers do so. Read some of the comments on this Q&A (search for "spam"):

    http://security.stackexchange.com/questions/406/how-should-i-distribute-my-public-key

    However, a spammer who intends to harvest emails this way will probably just point their software at one of the many public key servers out there, so your page is probably safe from them. Why crawl the whole web when most keys that are published are already gathered together for them?

    If you are still concerned about your email address falling into the wrong hands though, it's not much trouble to obfuscate a link, so why not?
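To check what an exported key file discloses before you publish it, the following added example (not part of the original answer) walks the OpenPGP packet stream and returns the User ID packets, which RFC 4880 stores as plain UTF-8 text. The sample bytes are constructed rather than a real key, and the names `dearmor`, `packets` and `user_ids` are chosen for illustration.

```python
import base64

def dearmor(data: bytes) -> bytes:
    """ASCII armor (RFC 4880, 6.2) is base64 plus headers; binary input passes through."""
    if not data.lstrip().startswith(b"-----BEGIN PGP"):
        return data
    lines = [ln.strip() for ln in data.strip().splitlines()]
    start = lines.index(b"") + 1             # a blank line ends the armor headers
    end = next(i for i, ln in enumerate(lines) if ln.startswith(b"-----END"))
    b64 = b"".join(ln for ln in lines[start:end] if not ln.startswith(b"="))  # drop CRC24
    return base64.b64decode(b64)

def packets(buf: bytes):
    """Yield (tag, body) for each OpenPGP packet (RFC 4880, 4.2)."""
    i = 0
    while i < len(buf):
        hdr = buf[i]; i += 1
        if not hdr & 0x80:
            raise ValueError("not an OpenPGP packet header")
        if hdr & 0x40:                       # new-format header
            tag, first = hdr & 0x3F, buf[i]; i += 1
            if first < 192:
                length = first
            elif first < 224:
                length = ((first - 192) << 8) + buf[i] + 192; i += 1
            elif first == 255:
                length = int.from_bytes(buf[i:i + 4], "big"); i += 4
            else:
                raise ValueError("partial body lengths not handled here")
        else:                                # old-format header
            tag, ltype = (hdr >> 2) & 0x0F, hdr & 0x03
            n = (1, 2, 4, 0)[ltype]          # ltype 3 means "runs to end of data"
            length = int.from_bytes(buf[i:i + n], "big") if n else len(buf) - i
            i += n
        yield tag, buf[i:i + length]
        i += length

def user_ids(key: bytes) -> list:
    """Tag 13 is the User ID packet: readable text, neither encrypted nor hashed."""
    return [b.decode("utf-8", "replace") for t, b in packets(dearmor(key)) if t == 13]

# Constructed sample (not a real key): a dummy key packet plus two User ID packets.
UID1, UID2 = b"Alice Example <alice@example.org>", b"Alice (work) <alice@example.net>"
RAW = (bytes([0x98, 4]) + b"\x04\x00\x00\x00"   # old-format tag 6, dummy body
       + bytes([0xB4, len(UID1)]) + UID1        # old-format tag 13
       + bytes([0xCD, len(UID2)]) + UID2)       # new-format tag 13
ARMORED = (b"-----BEGIN PGP PUBLIC KEY BLOCK-----\n\n" + base64.encodebytes(RAW)
           + b"-----END PGP PUBLIC KEY BLOCK-----\n")

if __name__ == "__main__":
    print(user_ids(ARMORED))
```

On a real export, `gpg --show-keys` reports the same User IDs; the point of the parser is that no cryptographic work stands between the file and the address.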